[dns-operations] Who's sleeping well tonight and who's not?

Hauke Lampe lampe at hauke-lampe.de
Thu Jul 15 20:54:05 UTC 2010

Oh my. It works! It really does!

On 07/15/2010 03:41 PM, Wolfgang Nagele wrote:

> Interested parties need to wait for the trust-anchor to be published by IANA
> before starting to validate.

Not necessarily. Olaf Kolkman published the key's DS hash. Unbound can
use that as trust anchor, too:

hauke at pope:~$ dig +dnssec . soa @

; <<>> DiG 9.7.1-P1 <<>> +dnssec . soa @
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54640
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 14, ADDITIONAL: 1

My personal thanks to all those who made possible what was frowned upon
as a myth that would never come when I first heard about KEY and NXT
quite a few years ago.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20100715/bad85c0f/attachment.sig>

More information about the dns-operations mailing list